← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #32870

[Bug 1454792] [NEW] Inconsistency with authorization in functional test environment

  Thread PreviousDate PreviousThread Next 
Public bug reported:

While writing a functional test I stumbled on the following
inconsistency:

When glance-api is launched with default flavor (no authentication) and
glance-registry with fakeauth flavor (or any other requiring user token)
any CRUD operation via api without a valid token should return 401, as
long as the user receives 401 from glance registry.

But the expected behaviour is not observed with glance v2 api. The user
can still perform any operation without supplying a token in headers.

I covered the issue in a test: https://review.openstack.org/#/c/180615/

** Affects: glance
     Importance: Undecided
         Status: New

** Description changed:

  While writing a functional test I stumbled on the following
- inconsistency with no authorization/authorization flavors:
+ inconsistency:
  
  When glance-api is launched with default flavor (no authentication) and
  glance-registry with fakeauth flavor (or any other requiring user token)
  any CRUD operation via api without a valid token should return 401, as
  long as the user receives 401 from glance registry.
  
  But the expected behaviour is not observed with glance v2 api. The user
  can still perform any operation without supplying a token in headers.
  
  I covered the issue in a test: https://review.openstack.org/#/c/180615/

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1454792

Title:
  Inconsistency with authorization in functional test environment

Status in OpenStack Image Registry and Delivery Service (Glance):
  New

Bug description:
  While writing a functional test I stumbled on the following
  inconsistency:

  When glance-api is launched with default flavor (no authentication)
  and glance-registry with fakeauth flavor (or any other requiring user
  token) any CRUD operation via api without a valid token should return
  401, as long as the user receives 401 from glance registry.

  But the expected behaviour is not observed with glance v2 api. The
  user can still perform any operation without supplying a token in
  headers.

  I covered the issue in a test:
  https://review.openstack.org/#/c/180615/

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1454792/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next